Best Security Practices Using the Xumm (Tangem) Cards
How we recommend using the cards
Here are our top 5 recommendations when using the cards...
You should think of your card account as a savings account. The card is best used for your higher value accounts or long term savings. For maximum security, you should be using it at home, in a private and trusted environment. It is generally no a good idea to sign transactions in large public areas. (Think grocery stores, malls, crowded streets, etc.)
For daily spending it is recommended to use a regular XRPL account managed by Xumm. Think of this account as your daily spending account. It is the account that you would use in a public place, restaurant, shopping mall, etc. It is best used to store limited funds that will used on a daily basis. If your balance gets too low you can top it up from your saving account or if it gets too high you can send the excess to your saving account.
Your Xumm Tangem card is basically an advanced version of your master password to access your XRP Ledger account. You are probably very cautious when entering your pin/passcode for your bank card or credit card so you should be just a vigilant when it comes to your pin for your Xumm (Tangem) card.
You should only add the card(s) to a trusted phone. Things to ensure are:
- your device has the most recent security and OS updates.
- you have strong and complex passcodes/passwords
- Do not 'root' or jailbreak your phone.
- install applications only from the App Store and Google Play. Do not install “cracked” apps random sites on the internet.
- Review your installed applications from time-to-time and remove those you don’t use.
Public WiFi can be very dangerous. Malware, viruses, worms, "man in the middle" attacks, network snooping, session hi-jacking... the list goes on and on. If you use Xumm or Xumm (Tangem) cards, we strongly recommend against using public WiFi.
It is certainly safer to manage your funds using two or more separate accounts. Doing so provides the following benefits:
1) It limits the potential attack vectors to your card account
By limiting the location of where you use the card(s), you limit to potential places where someone might be able to intercept a transaction between Xumm and the card via NFC. Your home would theoretically be a more secure location than a shopping mall for example.
2) Having multiple accounts allows you to spread your funds between them
Some people have gone so far as to have multiple Xumm (Tangem) accounts and divide their funds between them. Having your funds spread out in several different accounts, ensures that if someone were to somehow get access to one account, they would not get access to all of your funds.
3) Having a dedicated "spending" account further limits your potential loss in case your account is compromised. A separate spending account that you actively manage helps to keep your "savings account(s)" safe by only exposing it to the world. Your Tangem card(s) remain at home, in a safe environment.
We understand that you might have additional questions regarding this topic so you are welcome to contact us any time via the Xumm Support xApp in Xumm or you can simply scan this QR code with Xumm and be directed there automatically.